Part 5: Understand the Zuora API
Overview
So far you have seen the power and flexibility of using the Zuora Billing and Subscription engine from a web browser. You can do most of the things that you can do from UI through the use of APIs. This section talks about how to use the Zuora APIs to take orders from your website for Zuora. Before we start off on the path of how to take orders from your website, we strongly recommend you go through the API basics by reading the articles listed below.
Step 1: Learn About Zuora API
Step 2: Install Zuora API Tools
Now that you have learned the basics, we recommend that you now download the API utility tool to get a deeper look at the SOAP XML request and response. Think of the API tool as your API console where you can type in SQL like queries to access Zuora objects and see what the XML response looks like.
- Download our API utility. The API utility allows you to quickly test different calls, form XML, and troubleshoot.
- Download sample code from Github. Review sample code for PHP, Microsoft Azure, .NET, and Java. Ruby sample code can be found on Github courtesy of WildFire at: https://github.com/wildfireapp/zuora.
- Install the latest version of the Zuora WSDL. Using the most recent version of the WSDL ensures your access to Zuora’s new features and capabilities.
When you configure the sample code for your language make sure to replace the userid and password with the credentials of an API user your created in Milestone 3.
At this point you have everything you need to start making API calls to access objects in Zuora. Lets now look at how to take a brand new order from your website.
Step 3: Create Web Pages to Collect Customer Information
By now you should be comfortable accessing Zuora objects using SOAP API calls. In addition to accessing core Zuora objects through direct SOAP API calls through Zuora Object Query Language (ZOQL), Zuora also allows developers to do multiple things through Use Case based method calls. One such call is called the subscribe() call that allows you to create a new Account, add a payment method (example a credit card), create a subscription, generate a new Invoice and collect a payment, all in one single method call.
In order to make a subscribe call you would need to collect the following three basic pieces of data before you can send them to Zuora in the subscription call:
- Customer information: Create a web form to gather customer data like First Name, Last Name, Bill To and/or Sold To Contact.
- Product Rate Plan Id: The ID of the product rate plan that the customer is going to subscribe to. You can get the Id from your Product Catalog and embed this in your website's page which could be the landing page for you store.
- Payment information: Customer's credit card information. You can either have the Account information and the Credit Card form collection form on the same page or you can have two separate web pages, one to collect Account information and another to collect credit card information before building out a subscribe call.
Utilizing Z-Payments Page for PCI compliance
Accepting credit card payment methods online requires you (as the merchant) to achieve and maintain a level of security that meets the requirements of the Payment Card Industry (PCI Compliance). PCI Data Security Standard (PCI DSS) is a set of requirements to ensure companies that process, store, or transmit credit card information maintain a secure environment. See PCI SSC Data Security Standards Overview for more information on PCI Compliance.
If your organization has access to our premium Z-Payments Page, Zuora recommends you use this feature to accept payment information in a PCI compliant manner. The Z-Payments Page is a customizable payment form hosted by Zuora that can be embedded in your checkout path that allows customers to enter their sensitive cardholder information without any of it passing through your environment. Follow this link to learn more about the Z-Payments Page and how to implement it on your website.
What's Next
Next, proceed to Zuora API Object Basics.